Version 1.13. This version is no longer supported. For information about how to upgrade to version 1.14, see Upgrading Anthos on bare metal in the 1.14 documentation. For more information about supported and unsupported versions, see the Version history page in the latest documentation.
You must configure the base operating system of your node machines to use Google Distributed Cloud. This page contains the steps you need to take to complete the needed configuration.
For more information about troubleshooting Google Distributed Cloud requirements, see the troubleshooting guides.
Before you begin
Ensure you are using a supported version of your operating system. Anthos on bare metal supports the following versions for CentOS:
CentOS 8.2
CentOS 8.3
CentOS 8.4
CentOS 8.5
Ensure you have root access to the machines you are configuring.
Validate Package manager with the following steps:
Check for updates:
sudodnfcheck-update
Ensure the output has no errors and includes the last metadata expiration
check. For example:
# Last metadata expiration check: ...
...
google-cloud-sdk.x86_64 ...
Configure or disable firewalld
Firewalld can be configured for use with Google Distributed Cloud or disabled. For
information on configuring firewalld, see
Configuring firewalld ports
on the Network requirements page.
Compare your output with the following example to ensure the Client and
Server versions are 19.03+ :
Client: Docker Engine - Community
Version: 19.03.13
...
Server: Docker Engine - Community
Engine:
Version: 19.03.13
Set up time synchronization
Time synchronization consists of setting the clocks on your node machines, using
a designated external time reference. Time synchronization is important for
time-sentive cluster activities, such as event logging and metrics collection.
The kernel of your node machine controls the clock in containers that run on the
node. To ensure proper time synchronization, install a network time protocol
(NTP) service on your machines, using any of the available services:
chrony, systemd-
timesyncd, ntp, or ntpdate. Run timedatectl to
verify that the system clock is synchronized. The output of timedatectl should
contain the following status:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eGoogle Distributed Cloud requires specific configurations to the base operating system of node machines, including supported CentOS versions 8.2 through 8.5.\u003c/p\u003e\n"],["\u003cp\u003eFirewalld must be either configured for use with Google Distributed Cloud or disabled, which can be done by stopping and disabling the firewalld service.\u003c/p\u003e\n"],["\u003cp\u003eDocker 19.03+ is required and can be manually installed, which involves removing previous versions, installing the correct repository, and verifying the correct client and server versions are running.\u003c/p\u003e\n"],["\u003cp\u003eTime synchronization is essential for time-sensitive cluster operations, and it can be achieved by installing an NTP service like chrony or systemd-timesyncd, and verifying using \u003ccode\u003etimedatectl\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003ePackage manager should be validated by checking for updates using the \u003ccode\u003esudo dnf check-update\u003c/code\u003e command, ensuring there are no errors and that it provides the last metadata expiration.\u003c/p\u003e\n"]]],[],null,["# Configure CentOS\n\n\u003cbr /\u003e\n\nYou must configure the base operating system of your node machines to use Google Distributed Cloud. This page contains the steps you need to take to complete the needed configuration. \n\nFor more information about troubleshooting Google Distributed Cloud requirements, see the [troubleshooting guides](/anthos/clusters/docs/bare-metal/1.13/troubleshooting/known-issues).\n\nBefore you begin\n----------------\n\nEnsure you are using a supported version of your operating system. Anthos on bare metal supports the following versions for CentOS:\n\n- CentOS 8.2\n- CentOS 8.3\n- CentOS 8.4\n- CentOS 8.5\n\nEnsure you have root access to the machines you are configuring.\nValidate Package manager with the following steps:\n\n1. Check for updates:\n\n sudo dnf check-update\n\n2. Ensure the output has no errors and includes the last metadata expiration\n check. For example:\n\n # Last metadata expiration check: ...\n ...\n google-cloud-sdk.x86_64 ...\n\nConfigure or disable firewalld\n------------------------------\n\nFirewalld can be configured for use with Google Distributed Cloud or disabled. For\ninformation on configuring firewalld, see\n[Configuring firewalld ports](/anthos/clusters/docs/bare-metal/1.13/concepts/network-reqs#configuring_firewalld_ports)\non the Network requirements page.\n\nThe following instructions disable firewalld.\n\n1. Disable firewalld:\n\n sudo systemctl stop firewalld\n sudo systemctl disable firewalld\n\n2. Check the status of firewalld to ensure it is disabled:\n\n sudo systemctl status firewalld | grep \"Active\"\n # Output\n # Active: inactive (dead)\n\nConfigure Docker 19.03+ on your workstation\n-------------------------------------------\n\n| **Note:** The workstation running `bmctl` needs non-root user access to Docker to start the temporary bootstrap cluster during installation. To enable non-root user access to Docker, go to [Manage Docker as a non-root user](https://docs.docker.com/engine/install/linux-postinstall/#manage-docker-as-a-non-root-user).\n\nFollow these steps to manually install Docker:\n\n1. Remove any previous Docker version:\n\n sudo dnf remove docker \\\n docker-client \\\n docker-client-latest \\\n docker-common \\\n docker-latest \\\n docker-latest-logrotate \\\n docker-logrotate \\\n docker-engine\n\n2. Remove podman-manpages\n\n sudo dnf remove podman-manpages\n\n3. Install Docker 19.03+:\n\n sudo dnf install -y yum-utils\n sudo yum-config-manager \\\n --add-repo \\\n https://download.docker.com/linux/centos/docker-ce.repo\n sudo dnf install -y docker-ce docker-ce-cli containerd.io\n sudo systemctl start docker\n\n4. Verify you are now running version 19.03+:\n\n sudo docker version\n\n5. Compare your output with the following example to ensure the Client and\n Server versions are 19.03+ :\n\n Client: Docker Engine - Community\n Version: 19.03.13\n ...\n Server: Docker Engine - Community\n Engine:\n Version: 19.03.13\n\nSet up time synchronization\n---------------------------\n\nTime synchronization consists of setting the clocks on your node machines, using\na designated external time reference. Time synchronization is important for\ntime-sentive cluster activities, such as event logging and metrics collection.\nThe kernel of your node machine controls the clock in containers that run on the\nnode. To ensure proper time synchronization, install a network time protocol\n(NTP) service on your machines, using any of the available services:\n[`chrony`](https://chrony.tuxfamily.org/), [`systemd-\ntimesyncd`](https://wiki.archlinux.org/index.php/systemd-%0Atimesyncd), `ntp`, or `ntpdate`. Run `timedatectl` to\nverify that the system clock is synchronized. The output of `timedatectl` should\ncontain the following status: \n\n System clock synchronized: yes"]]